Definition

content spoofing

Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate. The intent is, typically, to defraud victims (as in phishing) although sometimes the purpose is simply to misrepresent an organization or an individual. Content spoofing often exploits an established trust relationship between a computer user and an organization.

The attacker typically leads an Internet user to spoofed content through e-mail, bulletin-board postings and chat-room transmissions. In some cases, an attacker may modify information and links in an established Web site by accessing and altering content on the server. The latter type of content spoofing is more difficult to detect because there is no readily apparent difference to the casual observer.

The most dangerous content spoofing is done with DHTML (dynamic HTML) content sources such as forms and log-in applications. When a Web page with spoofed content is viewed by an Internet user, the location bar displays what appears to be a legitimate URL. However, the attacker has generated or altered by the page. As a result, when the user enters sensitive data (such as a credit card number, password, bank account number, birth date, or Social Security number), the attacker can obtain the data for identity theft or some other fraudulent purpose.

This was last updated in September 2006

Continue Reading About content spoofing

The Web Application Security Consortium describes content spoofing and provides an example of how it is done.

Secunia identifies a content spoofing vulnerability in Windows, and provides links to appropriate patches.

Dig Deeper on Internet Application Security

SearchCloudComputing

content spoofing

Continue Reading About content spoofing

Dig Deeper on Internet Application Security

How to prevent network eavesdropping attacks

phishing kit

7 TCP/IP vulnerabilities and how to prevent them

Phishing-as-a-service threats abusing cloud services

SearchCloudComputing

How to choose between IaaS and SaaS cloud models

COVID-19 and remote work shift cloud predictions for 2021

Cloud providers jockey for 2021 market share

SearchAppArchitecture

Examining the low-code market's race for citizen developers

BPM vs. BPA: The differences in strategy and tooling

Enterprise application trends that will impact 2021

SearchITOperations

Evaluate Spinnaker vs. Jenkins for CI/CD

5 AIOps skills to add to your DevOps resume

Manage cluster resources with Kubernetes requests and limits

TheServerSide.com

What's in a name? What developers can expect in Jakarta EE 9

Test your knowledge of variable naming conventions

Why GitHub renamed its master branch to main

SearchAWS

Amazon's impact on publishing transforms the book industry

How Amazon and COVID-19 influence 2020 seasonal hiring trends

New Amazon grocery stores run on computer vision, apps

Continue Reading About content spoofing

Related Terms

Dig Deeper on Internet Application Security

How to prevent network eavesdropping attacks

phishing kit

7 TCP/IP vulnerabilities and how to prevent them

Phishing-as-a-service threats abusing cloud services